diff --git a/jsign-core/src/main/java/net/jsign/SignerHelper.java b/jsign-core/src/main/java/net/jsign/SignerHelper.java index 178d583f..c79c92e0 100644 --- a/jsign-core/src/main/java/net/jsign/SignerHelper.java +++ b/jsign-core/src/main/java/net/jsign/SignerHelper.java @@ -361,7 +361,7 @@ private AuthenticodeSigner build() throws SignerException { if (chain == null) { throw new SignerException("No certificate found under the alias '" + alias + "' in the keystore " + (provider != null ? provider.getName() : keystore) + " (available aliases: " + String.join(", ", aliases) + ")"); } - if (certfile != null) { + if (certfile != null && !"GOOGLECLOUD".equals(storetype)) { if (chain.length != 1) { throw new SignerException("certfile " + parameterName + " can only be specified if the certificate from the keystore contains only one entry"); } diff --git a/jsign-core/src/test/java/net/jsign/SignerHelperTest.java b/jsign-core/src/test/java/net/jsign/SignerHelperTest.java index eda771c3..08ca9d3f 100644 --- a/jsign-core/src/test/java/net/jsign/SignerHelperTest.java +++ b/jsign-core/src/test/java/net/jsign/SignerHelperTest.java @@ -28,6 +28,7 @@ import net.jsign.jca.Azure; import net.jsign.jca.DigiCertONE; +import net.jsign.jca.GoogleCloud; import net.jsign.pe.PEFile; import static org.junit.Assert.*; @@ -100,6 +101,36 @@ public void testAzureKeyVault() throws Exception { assertEquals("Digest algorithm", NISTObjectIdentifiers.id_sha256, si.getDigestAlgorithmID().getAlgorithm()); } + @Test + public void testGoogleCloud() throws Exception { + File sourceFile = new File("target/test-classes/wineyes.exe"); + File targetFile = new File("target/test-classes/wineyes-signed-with-signing-service.exe"); + + FileUtils.copyFile(sourceFile, targetFile); + + SignerHelper helper = new SignerHelper(new StdOutConsole(1), "option") + .storetype("GOOGLECLOUD") + .keystore("projects/fifth-glider-316809/locations/global/keyRings/jsignkeyring") + .storepass(GoogleCloud.getAccessToken()) + .alias("test") + .certfile("src/test/resources/keystores/jsign-test-certificate-full-chain-reversed.pem") + .alg("SHA-256"); + + helper.sign(targetFile); + + PEFile peFile = new PEFile(targetFile); + List signatures = peFile.getSignatures(); + assertNotNull(signatures); + assertEquals(1, signatures.size()); + + CMSSignedData signedData = signatures.get(0); + assertNotNull(signedData); + + // Check the signature algorithm + SignerInformation si = signedData.getSignerInfos().getSigners().iterator().next(); + assertEquals("Digest algorithm", NISTObjectIdentifiers.id_sha256, si.getDigestAlgorithmID().getAlgorithm()); + } + @Test public void testDigiCertONE() throws Exception { String apikey = DigiCertONE.getApiKey();